Title :
Hybrid approach to detect SQLi attacks and evasion techniques
Author :
Makiou, Abdelhamid ; Begriche, Youcef ; Serhrouchni, Ahmed
Author_Institution :
Telecom Paristech, Paris, France
Abstract :
Injections flaws which include SQL injection are the most prevalent security threats affecting Web applications[1]. To mitigate these attacks, Web Application Firewalls (WAFs) apply security rules in order to both inspect HTTP data streams and detect malicious HTTP transactions. Nevertheless, attackers can bypass WAF´s rules by using sophisticated SQL injection techniques. In this paper, we introduce a novel approach to dissect the HTTP traffic and inspect complex SQL injection attacks. Our model is a hybrid Injection Prevention System (HIPS) which uses both a machine learning classifier and a pattern matching inspection engine based on reduced sets of security rules.
Keywords :
Internet; SQL; firewalls; hypermedia; HIPS; HTTP data streams; SQLi attacks; WAF; Web application firewalls; evasion techniques; hybrid Injection prevention system; injections flaws; malicious HTTP transactions; security threats; Databases; Engines; Pattern matching; Protocols; Security; Uniform resource locators; Vectors; HTTP dissection; SQL injection; Security rules; Web Application Firewall; machine learning;
Conference_Titel :
Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), 2014 International Conference on
Conference_Location :
Miami, FL
